Vulnerability Name:

CVE-2004-1354 (CCN-16146)

Assigned:2004-05-13
Published:2004-05-13
Updated:2018-10-30
Summary:The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-22
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2004-1354

Source: CCN
Type: SA11616
Sun Solaris SMC Web Server File Enumeration Security Issue

Source: SECUNIA
Type: Patch, Vendor Advisory
11616

Source: CCN
Type: Spoofed.org Advisory Mon Sep 22 01:14:38 2003
Information disclosure with SMC webserver on Solaris 9

Source: MISC
Type: Patch
http://spoofed.org/files/text/solaris-smc-advisory.txt

Source: CCN
Type: Sun Alert ID: 57559
The Solaris Management Console (smc(1M)) Server May Disclose Information About Files on a Solaris System

Source: SUNALERT
Type: Patch, Vendor Advisory
57559

Source: AUSCERT
Type: Patch, Vendor Advisory
ESB-2004.0347

Source: MLIST
Type: UNKNOWN
[focus-sun] 20031022 Information disclosure with SMC webserver on Solaris 9

Source: OSVDB
Type: Patch
6119

Source: CCN
Type: OSVDB ID: 6119
Solaris SMC Web Server File Enumeration

Source: BID
Type: Patch
10349

Source: CCN
Type: BID-10349
Sun Solaris Management Console Information Disclosure Vulnerability

Source: BID
Type: UNKNOWN
8873

Source: CCN
Type: BID-8873
Sun Management Center Error Message Information Disclosure Vulnerability

Source: XF
Type: UNKNOWN
smc-dotdot-directory-traversal(16146)

Source: XF
Type: UNKNOWN
smc-dotdot-directory-traversal(16146)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1482

Vulnerable Configuration:Configuration 1:
  • cpe:/o:sun:solaris:8.0:*:x86:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9.0:*:sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9.0:*:x86:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:1482
    V
    		Management Console Directory Traversal Vulnerability
    2005-10-12
    BACK
    sun solaris 8.0
    sun solaris 9.0
    sun solaris 9.0
    sun solaris 9.0 x86_update_2
    sun sunos 5.8